Pulse Connect Secure Zero-day Remote Code Execution Vulnerability
RISK: Extremely High Risk
TYPE: Security software and application - Security Software & Appliance
A vulnerability was identified in Pulse Connect Secure, a remote attacker could exploit this vulnerability to trigger remote code execution and security restriction bypass on the targeted system.
- This vulnerability is reported to have been exploited in the wild.
[Updated 4-May-2021] Security update for Pulse Connect Secure has been released.
- Remote Code Execution
- Security Restriction Bypass
System / Technologies affected
- Pulse Conncet Secure 9.0R3 and Higher
Before installation of the software, please visit the vendor web-site for more details.
- Apply fixes issued by the vendor:
Import the workaround xml file to mitigate the vulunbility, please visit the software vendor web-site for more details.
Use Pulse Connect Secure Integrity Tool to check the integrity of file systems, please visit the software vendor web-site for more details.